MicrosoftDocs
diff --git a/‎defender-endpoint/TOC.yml‎
Lines changed: 1 addition & 1 deletion b/‎defender-endpoint/TOC.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎defender-endpoint/android-configure.md‎
Lines changed: 2 additions & 2 deletions b/‎defender-endpoint/android-configure.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎defender-endpoint/api/exposed-apis-create-app-webapp.md‎
Lines changed: 2 additions & 8 deletions b/‎defender-endpoint/api/exposed-apis-create-app-webapp.md‎
Lines changed: 2 additions & 8 deletions
diff --git a/‎defender-endpoint/defender-endpoint-trial-user-guide.md‎
Lines changed: 8 additions & 8 deletions b/‎defender-endpoint/defender-endpoint-trial-user-guide.md‎
Lines changed: 8 additions & 8 deletions
diff --git a/‎defender-endpoint/indicators-overview.md‎
Lines changed: 5 additions & 0 deletions b/‎defender-endpoint/indicators-overview.md‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎defender-endpoint/ios-whatsnew.md‎
Lines changed: 16 additions & 2 deletions b/‎defender-endpoint/ios-whatsnew.md‎
Lines changed: 16 additions & 2 deletions
diff --git a/‎defender-endpoint/mac-device-control-overview.md‎
Lines changed: 2 additions & 6 deletions b/‎defender-endpoint/mac-device-control-overview.md‎
Lines changed: 2 additions & 6 deletions
diff --git a/‎defender-endpoint/media/offboard-machines/remove-endpoint.png‎
120 KB b/‎defender-endpoint/media/offboard-machines/remove-endpoint.png‎
120 KB
@@ -8,7 +8,7 @@
     items:
     - name: What is Microsoft Defender for Endpoint?
       items: 
-      - name: Defender for Endpoint on Windows
+      - name: Defender for Endpoint
         href: microsoft-defender-endpoint.md
       - name: Defender for Endpoint on macOS
         href: microsoft-defender-endpoint-mac.md
 
@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: how-to
 ms.subservice: android
 search.appverid: met150
-ms.date: 10/23/2025
+ms.date: 11/06/2025
 appliesto:
    - Microsoft Defender for Endpoint Plan 1
    - Microsoft Defender for Endpoint Plan 2
@@ -33,7 +33,7 @@ For more information about how to set up Defender for Endpoint on Android and Co
 ## Configure custom indicators
 
 > [!NOTE]
-> Defender for Endpoint on Android only supports creating custom indicators for IP addresses and URLs/domains.
+> Defender for Endpoint on Android supports creating custom indicators only for URLs and domains. IP-based custom indicators aren't supported on Android.
 > 
 > IP `245.245.0.1` is an internal Defender IP and should not be included in custom indicators by customers to avoid any functionality issues.
 > Also, alerts for custom indicators are currently not supported for Defender for Endpoint on Android.
 
@@ -50,6 +50,8 @@ Having the [Microsoft Entra role](/entra/identity/role-based-access-control/mana
 
 ## Step 2: Add a secret to your app
 
+This section describes authenticating your app using an app secret. To authenticate your app using a certificate, see [Create a self-signed public certificate to authenticate your application](/entra/identity-platform/howto-create-self-signed-certificate).
+
 1. From the application page, select *Certificates & secrets* > *New client secret*.
 
 2. In the *Add a client secret* pane, add a description and expiration date.
@@ -163,11 +165,3 @@ var request = new HttpRequestMessage(HttpMethod.Get, "https://api.securitycenter
 request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
 var response = httpClient.SendAsync(request).GetAwaiter().GetResult();
 ```
-
-## See also
-
-* [Get access with user context](exposed-apis-create-app-nativeapp.md)
-
-* [Supported Microsoft Defender for Endpoint APIs](exposed-apis-list.md)
-
-* [Access Microsoft Defender for Endpoint on behalf of a user](exposed-apis-create-app-nativeapp.md)
@@ -39,19 +39,19 @@ This playbook is a simple guide to help you make the most of your free trial. Us
 <center><h2>Microsoft Defender for Endpoint</center></h2>
 <table>
 <tr>
-<td><a href="microsoft-defender-endpoint.md#tvm"><center><img src="media/logo-mdvm.png" alt="Vulnerability Management"> <br><b> Core Defender Vulnerability Management</b></center></a></td>
-<td><a href="microsoft-defender-endpoint.md#asr"><center><img src="media/asr-icon.png" alt="Attack surface reduction"><br><b>Attack surface reduction</b></center></a></td>
-<td><center><a href="microsoft-defender-endpoint.md#ngp"><img src="media/ngp-icon.png" alt="Next-generation protection"><br> <b>Next-generation protection</b></a></center></td>
-<td><center><a href="microsoft-defender-endpoint.md#edr"><img src="media/edr-icon.png" alt="Endpoint detection and response"><br> <b>Endpoint detection and response</b></a></center></td>
-<td><center><a href="microsoft-defender-endpoint.md#ai"><img src="media/air-icon.png" alt="Automated investigation and remediation"><br> <b>Automated investigation and remediation</b></a></center></td>
-<td><center><a href="microsoft-defender-endpoint.md#mte"><img src="media/mte-icon.png" alt="Microsoft Threat Experts"><br> <b>Microsoft Threat Experts</b></a></center></td>
+<td><a href="/defender-vulnerability-management/defender-vulnerability-management"><center><img src="media/logo-mdvm.png" alt="Vulnerability Management"> <br><b> Core Defender Vulnerability Management</b></center></a></td>
+<td><a href="overview-attack-surface-reduction.md"><center><img src="media/asr-icon.png" alt="Attack surface reduction"><br><b>Attack surface reduction</b></center></a></td>
+<td><center><a href="next-generation-protection.md"><img src="media/ngp-icon.png" alt="Next-generation protection"><br> <b>Next-generation protection</b></a></center></td>
+<td><center><a href="overview-endpoint-detection-response.md"><img src="media/edr-icon.png" alt="Endpoint detection and response"><br> <b>Endpoint detection and response</b></a></center></td>
+<td><center><a href="automated-investigations.md"><img src="media/air-icon.png" alt="Automated investigation and remediation"><br> <b>Automated investigation and remediation</b></a></center></td>
+<td><center><a href="endpoint-attack-notifications.md"><img src="media/mte-icon.png" alt="Microsoft Threat Experts"><br> <b>Microsoft Threat Experts</b></a></center></td>
 </tr>
 <tr>
 <td colspan="7">
-<a href="microsoft-defender-endpoint.md#apis"><center><b>Centralized configuration and administration, APIs</a></b></center></td>
+<a href="api/management-apis.md"><center><b>Centralized configuration and administration, APIs</a></b></center></td>
 </tr>
 <tr>
-<td colspan="7"><a href="microsoft-defender-endpoint.md#mtp"><center><b>Microsoft Defender portal</a></center></b></td>
+<td colspan="7"><a href="/unified-secops/overview-defender-portal"><center><b>Microsoft Defender portal</a></center></b></td>
 </tr>
 </table>
 <br>
 
@@ -119,6 +119,11 @@ When your security team creates a new indicator (IoC), the following actions are
 > [!NOTE]
 > Using Warn mode prompts users with a warning if they open a risky app or website. The prompt doesn't block them from allowing the application or website to run, but you can provide a custom message and links to a company page that describes appropriate usage of the app. Users can still bypass the warning and continue to use the app if necessary. For more information, see [Govern apps discovered by Microsoft Defender for Endpoint](/defender-cloud-apps/mde-govern).
 
+> [!NOTE]
+> For Warn action, To receive the toast notification to be able to bypass the IoC, make sure the **“Files or activities are blocked”** option is enabled under **Virus & Threat Protection notifications**. The corresponding registry key should be set as follows: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Defender Security Center\Virus and threat protection\FilesBlockedNotificationDisabled = 0.  
+>   
+>  More details see **[Windows Security app settings](https://support.microsoft.com/windows/windows-security-app-settings-1ec98620-4e41-4b6b-b055-3c4bb115d4ee#bkmk_notifications)**.
+
 You can create an indicator for:
 
 - [Files](indicator-file.md)
 
@@ -6,7 +6,7 @@ ms.author: lwainstein
 author: limwainstein
 ms.reviewer: sunasing; denishdonga
 ms.localizationpriority: medium
-ms.date: 09/05/2025
+ms.date: 11/06/2025
 manager: bagol
 audience: ITPro
 ms.collection: 
@@ -29,11 +29,25 @@ Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](
 
 ## Releases for Defender for Endpoint on iOS
 
+#### November 2025
+
+| Build| 1.1.70290103|
+| -------- | -------- |
+| Release Date   |November 6, 2025|
+
+**What's New**
+
+- An improved user feedback experience: See [Key Changes - November 2025](./ios-new-ux.md#key-changes---november-2025) for details.
+
+- Added Landscape mode UI support for the Defender app.
+
+- Additional telemetry features to improve app performance monitoring and detect specific scenarios, such as entering landscape mode or invalid authentication attempts.
+
 #### October 2025
 
 | Build| 1.1.70230101|
 | -------- | -------- |
-| Release Date   |October 28, 2025|
+| Release Date   |October 26, 2025|
 
 **What's New**
 
 
@@ -1,4 +1,4 @@
----
+---
 title: Device control for macOS
 description: Learn how to configure Microsoft Defender for Endpoint on Mac to reduce threats from removable storage such as USB devices.
 ms.service: defender-endpoint
@@ -27,11 +27,7 @@ appliesto:
 
 ## Requirements
 
-Device control for macOS has the following prerequisites:
-
-- Defender for Endpoint or Defender for Business licenses (can be a trial subscription)
-- Minimum OS version: macOS 11 or higher
-- Minimum product version: `101.34.20`
+Device control for macOS is available on the versions listed in the [System requirements](/defender-endpoint/microsoft-defender-endpoint-mac) section of Defender for Endpoint on macOS documentation.
 
 ## Overview